Lucene search
MitreCVELIST:CVE-2022-29854HistoryMay 13, 2022 - 1:12 p.m.
CVE-2022-29854
2022-05-1313:12:13
mitre
www.cve.org
8
mitel 6900 series
ip phones
minet
unauthenticated attacker
physical access
root access
access control
code execution
cve-2022-29854
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
References
packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html
seclists.org/fulldisclosure/2022/Jun/32
www.mitel.com/support/security-advisories
www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0003
www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021
Related
prion
prion
Improper access control
2022-05-13 14:15:00
cve
cve
CVE-2022-29854
2022-05-13 14:15:08
nvd
nvd
CVE-2022-29854
2022-05-13 14:15:08
zdt
zdt
Mitel 6800/6900 Series SIP Phones Backdoor Access Vulnerability
2022-06-21 00:00:00
thn
thn
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
2022-06-13 10:55:00
Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
2022-06-24 12:58:00
packetstorm
packetstorm
Mitel 6800/6900 Series SIP Phones Backdoor Access
2022-06-20 00:00:00